Search results for: GitHub Pages

Learn about browser extension security and secure your extensions with the help of CodeQL.

Open source software underpins all sectors of the economy, public services and even international organizations like the United Nations. How can all its beneficiaries work together to make the open source ecosystem more sustainable?

The pull request commits page has been refreshed to improve performance, improve consistency with other pages, and to make the experience more accessible! To minimize disruptions, the capabilities of the…

Latest Engineering Spotlight Featured playlists Explore GitHub Universe 2025 Learn about GitHub Copilot Stay informed with The Download Explore GitHub for Beginners News & insights

Code scanning autofix for alerts in default branch is now available in public beta for all GitHub Advanced Security customers. This feature empowers developers to reduce the time and effort…

Unstructured data holds valuable information about codebases, organizational best practices, and customer feedback. Here are some ways you can leverage it with RAG, or retrieval-augmented generation.

Gain valuable insights and effectively monitor your enterprise’s security landscape and progress with two new enterprise-level pages: the security overview dashboard and secret scanning metrics. Key features Customizable filters: Select…

From mastering prompt engineering to leveraging AI for code security, here’s how you can excel in today’s competitive job market.

Discover the latest trends and insights on public software development activity on GitHub with the release of Q4 2023 data for the Innovation Graph.

In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this vulnerability can be exploited even when Memory Tagging Extension (MTE), a powerful mitigation, is enabled on the device.

Enterprise Managed Users can now enable secret scanning on their user namespace repositories. Owners of user repositories will receive secret scanning alerts when a supported secret is detected in their…

Get excited for this month’s Release Radar. Maintainers were hard at work this past month, shipping major updates for you all. Read on for our top staff picks.

Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution.

Users who are not part of the mandatory 2FA program will now be added to it within 24 hours of creating their first release. In August we expanded the 2FA…

In this post, I’ll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.

In this post, I’ll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

GitHub Advanced Security customers can now perform on-demand validity checks for supported partner patterns, and the alert index view now shows if a secret is active. This builds on our…

A look at how we improved the readability of code on GitHub.

SELinux is the most popular Linux Security Module used to isolate and protect system components from one another. Learn about different access control systems and Linux security as I introduce the foundations of a popular type system.

The new GitHub Code View brings users many new features to improve the code reading and exploration experiences, and we overcame a number of unique technical hurdles in order to deliver those features without compromising performance.